Pastebin is an online content hosting service that lets you store text. You can create and store up to 20 pastes at a time for free, and up to 250 pastes at a time for a pro account.
Two new features could make it easier for malware operators to disguise their operations
During the past few years, it has become commonplace for cybercriminals to use the site to store malicious code. This has led to a number of tools to counter misuse of the site. In addition to partnering with global cybersecurity companies and law enforcement agencies, Pastebin has taken steps to improve its security. It has also set up Abuse Management and Threat Analysis teams.
There have been some concerns in the cybersecurity community that the new features may be abused by cybercriminals, because criminals already have a number of tricks to disguise code and deliver malicious software into a system.
Pastebin’s new features are not terribly original, but the company says that they are designed to benefit the security of users. The two features that the company has added are Password Protected Pastes and Burn After Read.
Gnosis uses pastebin to host a readme file detailing server logins, staff usernames and passwords
During December 2010, Gnosis was associated with a 500MB torrent file that was posted to ThePirateBay. This file allowed the download of 1.3 million passwords, including staff logins and server logins.
This prompted me to investigate the security features of Gnosis. The 500MB torrent file was associated with a Pastebin that hosted a readme file detailing the servers’ logins and staff’s usernames and passwords. This led to my discovery of a new trend in Pastebin.
I discovered that Pastebin has a trending list that lists the most popular shares and their respective number of hits. Half of the top 60 Pastebin pastes were related to server compromises. The other half were related to adult sites.
While the zoo is not a complete encyclopedia, I can attest that the PBS hack paste has received 26,000 hits. That’s one hell of a lot of hits!
ZeroBin is a privacy-focused place to create pastes
Unlike other paste sites, ZeroBin stresses the importance of privacy. It is a safe and simple way to share and store your text online.
ZeroBin uses 256-bit AES encryption to secure your content before it’s sent to a server. The decryption key is stored within the browser, and the data is compressed and encrypted in the browser before it’s transferred to the server.
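The flow described above, as an added example that is not ZeroBin's own code: the client compresses and encrypts the paste under a 256-bit AES key that never leaves it, and the server only ever receives ciphertext. Node's built-in `crypto` and `zlib` stand in for the browser here; the GCM mode, the deflate compression and the function names `sealPaste`, `openPaste` and `failsToOpen` are assumptions made for illustration.

```javascript
// Added illustration (not ZeroBin's code): compress + AES-256-GCM on the client,
// so the paste server only ever stores ciphertext. Node built-ins stand in for the browser.
const crypto = require('node:crypto');
const zlib = require('node:zlib');

// Client side: compress, then encrypt under a fresh random 256-bit key.
function sealPaste(plaintext) {
  const key = crypto.randomBytes(32);          // stays on the client, never uploaded
  const iv = crypto.randomBytes(12);           // unique per paste
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const compressed = zlib.deflateRawSync(Buffer.from(plaintext, 'utf8'));
  const ct = Buffer.concat([cipher.update(compressed), cipher.final()]);
  const upload = {                             // everything the server receives and stores
    iv: iv.toString('base64'),
    ct: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
  return { upload, key: key.toString('base64url') };
}

// Client side: decrypt, then decompress. Throws if the key is wrong or the data was altered.
function openPaste(upload, keyB64) {
  const decipher = crypto.createDecipheriv(
    'aes-256-gcm', Buffer.from(keyB64, 'base64url'), Buffer.from(upload.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(upload.tag, 'base64'));
  const compressed = Buffer.concat([
    decipher.update(Buffer.from(upload.ct, 'base64')), decipher.final()]);
  return zlib.inflateRawSync(compressed).toString('utf8');
}

// Returns true when the stored blob cannot be opened (wrong key or tampered ciphertext).
function failsToOpen(upload, keyB64) {
  try { openPaste(upload, keyB64); return false; } catch { return true; }
}

// Constructed sample paste, not real data.
const sample = 'db_host=10.0.0.5\nnote=constructed sample text\n'.repeat(4);
const { upload, key } = sealPaste(sample);
console.log('server stores:', upload.ct.slice(0, 32) + '...');
console.log('round trip ok:', openPaste(upload, key) === sample);
```

Because GCM authenticates the ciphertext, a wrong key or a modified stored blob makes `openPaste` throw instead of returning garbage.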
The service also offers additional features such as the ability to set an expiration date and time for your paste. You can also password protect your paste. This prevents search engine spiders from crawling your paste and picking up your information.
You can choose between various paste formats, such as Plain Text, Markdown, and Source Code. The format you choose will depend on the type of content you’re storing.
It’s not just programs that use Pastebin. Some malware authors have used the site to store hacked data and operational details. The site’s features include a QR code generator, syntax highlighting and automatic image embedding.
There are many different paste sites out there. Some offer features that are not found on others. Some even offer additional services, such as the ability to upload plain text, delete your paste from the server and create a new folder. Some sites are purely for sharing a list of dark web links.
Another notable feature of Pastebin is the ability to generate a unique URL for your paste. You can also set the expiration of your paste. You can choose to have it burn after reading, self destruct after one open, never expire, or expire after a certain amount of time.
For the more technically inclined, there is a feature known as the Scraping API. This is a process used by cyber-security researchers to scan the site for new and noteworthy content. This feature is not available to free members and requires a PRO account.
Finally, in addition to the usual features, Pastebin has a Password Protected Pastes feature. The site explicitly prohibits the posting of personal information such as email addresses and login details.